Описание
An issue was discovered in Zuul 3.x before 3.1.0. If nodes become offline during the build, the no_log attribute of a task is ignored. If the unreachable error occurred in a task used with a loop variable (e.g., with_items), the contents of the loop items would be printed in the console. This could lead to accidentally leaking credentials or secrets.
Ссылки
- Mailing ListVendor Advisory
- PatchVendor Advisory
- Mailing ListVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
EPSS
9.8 Critical
CVSS3
5 Medium
CVSS2
Дефекты
Связанные уязвимости
An issue was discovered in Zuul 3.x before 3.1.0. If nodes become offl ...
An issue was discovered in Zuul 3.x before 3.1.0. If nodes become offline during the build, the no_log attribute of a task is ignored. If the unreachable error occurred in a task used with a loop variable (e.g., with_items), the contents of the loop items would be printed in the console. This could lead to accidentally leaking credentials or secrets.
EPSS
9.8 Critical
CVSS3
5 Medium
CVSS2